Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233382e302f32332d3233203d3e203432363839.roa
File: 33312e3232302e3233382e302f32332d3233203d3e203432363839.roa (raw, json)
Hash identifier: yqkI9RskiG45Z8Dtyxda2Nc4UAzhBSBqleu/ZzATQGg=
Subject key identifier: 88:1A:DF:A1:2F:3C:AE:B8:79:54:63:43:B8:64:1E:D4:82:47:EA:02
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 77D3CE1A1ABFFECA0F02C580FA1187C4393D1E4F
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233382e302f32332d3233203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:09:57 +0000
ROA not before: Thu 08 Aug 2024 10:04:57 +0000
ROA not after: Thu 07 Aug 2025 10:09:57 +0000
asID: 42689
IP address blocks: 31.220.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:d3:ce:1a:1a:bf:fe:ca:0f:02:c5:80:fa:11:87:c4:39:3d:1e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:04:57 2024 GMT
Not After : Aug 7 10:09:57 2025 GMT
Subject: CN=881ADFA12F3CAEB879546343B8641ED48247EA02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:89:c0:5d:3e:c1:24:ce:28:dd:a3:08:20:0f:
32:b6:72:a0:9f:a6:b0:74:7d:4d:3f:ef:74:d6:59:
14:8b:54:b6:a9:07:35:32:2d:89:b0:f0:8a:52:fd:
b7:6c:d7:6a:db:f3:4f:bd:1b:d9:d2:fd:d9:8a:93:
7e:5b:4c:97:93:41:a4:95:2a:29:8b:e8:2a:d3:4c:
b6:69:6e:81:c2:c8:3b:d7:a0:30:ae:09:99:67:84:
5a:ba:ab:7b:56:95:fb:e9:18:b0:8a:fd:25:4a:01:
48:8d:ab:91:83:d1:38:2a:3d:ac:98:36:8c:99:ad:
15:5e:29:63:0f:b9:dc:20:68:a6:0e:aa:77:5a:f8:
35:88:a6:ab:65:c2:fd:49:6d:fa:34:98:9c:08:2e:
c0:71:be:1e:69:d7:34:a9:e9:98:c8:41:75:0a:99:
7e:7a:64:0b:67:3c:3d:a4:d3:e8:0d:e3:ff:e7:1a:
fe:32:9c:9d:21:92:ea:e3:e2:0e:18:fb:ac:cd:31:
e8:82:b5:6e:75:fb:da:6b:14:9e:e6:db:ba:2a:12:
08:e6:fe:55:49:72:93:4a:a8:b8:a4:6b:d6:0d:52:
8f:64:09:4d:60:5b:8f:28:72:d1:de:3a:01:9c:87:
56:26:d5:11:c7:e8:c7:18:eb:3c:23:0a:cb:48:3e:
e8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1A:DF:A1:2F:3C:AE:B8:79:54:63:43:B8:64:1E:D4:82:47:EA:02
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3233382e302f32332d3233203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.238.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:ed:29:de:47:b3:52:9b:27:ae:e2:d2:88:f1:57:9e:aa:5e:
39:91:c0:65:e5:d0:db:d1:1b:3c:09:b2:e5:c2:98:d0:50:a1:
0b:95:d2:94:17:d7:a6:d3:3c:9f:5f:a4:48:82:43:cf:d2:66:
f0:72:49:b5:98:f3:58:29:2c:a4:7f:d1:89:48:c0:81:ee:32:
a2:c1:c1:39:20:5a:6d:35:af:33:c5:fb:5c:f9:90:a2:f6:8f:
e8:8e:e6:0f:d7:47:cd:52:d4:5d:b7:f8:89:65:78:ef:1e:78:
3c:ed:02:af:a2:64:88:83:bf:1a:a5:4a:bf:b6:54:32:12:a4:
dd:0c:ee:27:28:48:a1:0f:21:67:b0:54:45:dd:a2:25:13:43:
12:1d:cd:51:dd:b7:08:1d:ab:aa:fb:b9:64:a6:d1:4c:58:2e:
8f:73:ca:fe:3b:b0:70:6c:df:5e:d0:50:2b:44:d3:9d:71:ea:
52:7b:f3:bc:b3:ac:05:e5:47:ae:a0:44:06:a7:e1:01:e5:c9:
16:8e:45:c7:98:ca:22:6b:9e:5f:59:23:88:af:e9:b3:13:8a:
d7:1e:ad:2f:44:3a:32:8d:82:26:d5:49:70:d4:49:a4:38:1a:
80:aa:4c:71:c7:30:f9:be:2b:e8:fb:b1:19:b6:cb:04:7c:d7:
3f:65:8c:7d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUd9POGhq//soPAsWA+hGHxDk9Hk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDA0NTdaFw0yNTA4MDcxMDA5NTdaMDMxMTAvBgNV
BAMTKDg4MUFERkExMkYzQ0FFQjg3OTU0NjM0M0I4NjQxRUQ0ODI0N0VBMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGicBdPsEkzijdowggDzK2cqCf
prB0fU0/73TWWRSLVLapBzUyLYmw8IpS/bds12rb80+9G9nS/dmKk35bTJeTQaSV
KimL6CrTTLZpboHCyDvXoDCuCZlnhFq6q3tWlfvpGLCK/SVKAUiNq5GD0TgqPayY
NoyZrRVeKWMPudwgaKYOqnda+DWIpqtlwv1Jbfo0mJwILsBxvh5p1zSp6ZjIQXUK
mX56ZAtnPD2k0+gN4//nGv4ynJ0hkurj4g4Y+6zNMeiCtW51+9prFJ7m27oqEgjm
/lVJcpNKqLika9YNUo9kCU1gW48octHeOgGch1Ym1RHH6McY6zwjCstIPui9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiBrfoS88rrh5VGNDuGQe1IJH6gIwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjMz
MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
H9zuMA0GCSqGSIb3DQEBCwUAA4IBAQAa7SneR7NSmyeu4tKI8Veeql45kcBl5dDb
0Rs8CbLlwpjQUKELldKUF9em0zyfX6RIgkPP0mbwckm1mPNYKSykf9GJSMCB7jKi
wcE5IFptNa8zxftc+ZCi9o/ojuYP10fNUtRdt/iJZXjvHng87QKvomSIg78apUq/
tlQyEqTdDO4nKEihDyFnsFRF3aIlE0MSHc1R3bcIHauq+7lkptFMWC6Pc8r+O7Bw
bN9e0FArRNOdcepSe/O8s6wF5UeuoEQGp+EB5ckWjkXHmMoia55fWSOIr+mzE4rX
Hq0vRDoyjYIm1Ulw1EmkOBqAqkxxxzD5vivo+7EZtssEfNc/ZYx9
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:16 2024 by rpki-client on console-ams.rpki-client.org